1. Technical Field
The present invention relates generally to the verification of the integrity of firmware of an embedded system and, more particularly, to an apparatus and method for verifying the integrity of firmware of an embedded system based on the comparison of integrity codes.
2. Description of the Related Art
Damage from the hacking of an Operating System (OS) is an increasingly common problem. Even in the case of an embedded system, damage from firmware forgery may be caused, similarly to the hacking of the OS. In particular, if, among embedded systems, network components, such as a router, a switch, a printer, and a scanner, are targeted by firmware forgery, damage as serious as that which results from the hacking of the OS may be caused.
Generally, an apparatus for verifying the integrity of firmware of an embedded system is configured in a server-client structure, and is problematic in that forgery may occur during a procedure for receiving a program from a server.
Korean Patent Application Publication No. 2006-0119967 discloses technology for storing an integrity verification program from a server in an embedded system that is a client, receiving a response from the integrity verification program, and then verifying integrity.
However, the above conventional technology merely presents technology for simply receiving a response from the integrity verification program, and neither discloses nor suggests a detailed configuration for comparing the integrity code of the firmware of the embedded system with the integrity code of source firmware. Further, the conventional technology presents technology for merely storing the integrity verification program in the embedded system, and neither discloses nor suggests a detailed configuration for storing a program for calculating an integrity code in the execution memory of the embedded system. Furthermore, the conventional technology does not describe a configuration that can be applied even to an embedded system incapable of accessing a network, by utilizing communication interfaces such as a Universal Serial Bus (USB), a Universal Asynchronous Receiver/Transmitter (UART), and the Ethernet.
Therefore, new technology for verifying the integrity of firmware of an embedded system is required which can determine whether the firmware of the embedded system is the latest version and has been forged, by comparing the integrity code of the firmware of the embedded system with the integrity code of source firmware, can solve the problem of program forgery occurring in a server-client structure by storing a program for calculating an integrity code in the execution memory of the embedded system and by utilizing the integrity code calculated by executing the program, and can perform integrity verification even on an embedded system incapable of accessing a network, by utilizing communication interfaces such as a USB, a UART, and the Ethernet.